Описание
Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device.
Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2002-1052
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0028.html
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0031.html
- http://marc.info/?l=bugtraq&m=102691753204392&w=2
- http://marc.info/?l=bugtraq&m=102692936820193&w=2
- http://www.iss.net/security_center/static/9586.php
- http://www.iss.net/security_center/static/9587.php
- http://www.securityfocus.com/bid/5251
- http://www.securityfocus.com/bid/5258
EPSS
Процентиль: 81%
0.01583
Низкий
CVE ID
Связанные уязвимости
nvd
почти 23 года назад
Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device.
EPSS
Процентиль: 81%
0.01583
Низкий